Privacy Notice

 

Effective Date: June 8, 2024 

 

INTRODUCTION

At Coral Mountain ltd. (“CoralMountainData,” “us,” or “we”), we respect and protect the privacy of our customers and individuals who use our website, products, and services. Please read this Privacy Notice (“Notice”) carefully to understand how we collect, use, store, share, process, and protect personal information across our website, products, and services. This Notice also describes the rights and choices that individuals have with respect to their personal information, and how to contact CoralMountainData to learn more about our privacy practices.

 
 

1. ABOUT CORALMOUNTAINDATA

Launched in 2024, CoralMountainData is an enterprise data mining solution used to train machine learning models. Our Artificial Intelligence (“AI”) enabled labeling tools, partners, and Application Programming Interface (“API”) help developers and organizations annotate their data.

 
 

2. SCOPE AND APPLICABILITY

This Notice describes how we collect, use, store, share, protect, and otherwise process personal information across Coral Mountain products, services, the Coral Mountain website at www.coralmountaindata.com (“Site”), and through other standard business practices (collectively, “Services”).

For the purposes of this Notice, personal information means any information relating to an identified or identifiable individual. Examples of personal information include name, email address, and phone number.

This Notice applies to all Coral Mountain prospective and current customers, including free tier and paying customers that use our Services. This Notice also applies to our customers’ end-users, partners, and other individuals that we collect personal information from through the course of providing our Services and operating our Site. This Notice does not apply to Coral Mountain employee and job applicant personal information.

 
 

3. PERSONAL INFORMATION WE COLLECT

We collect a limited amount of personal information from individuals through your use of our Services, and otherwise with your consent. In some cases, we receive information directly from you, such as your name and email address when you sign up for our Services. In other cases, we receive information through your use of our Services, or from third parties. We collect different types of personal information in the situations described below.

  • Registration and Account Information – When you contact Coral Mountain, we collect your name, phone number, email address, and company role/title, username, and password. You provide this information to us directly during the account registration process.

  • Product Demonstrations – When you request a product demonstration through our Site, we collect your name, company email address, job title, and phone number, and other company-related information.

  • Customer Support – When users of our Services submit support issues when using our Services, we collect their email and customer support issue details.

  • Customer and Business Partner Information – We collect personal information from individuals working for our customers or business partners, including suppliers, vendors, and other partners. This information includes name, job title, department and organization name, business email, business mailing addresses, and business phone number.

  • Third Parties – We collect information about you from certain third-party services for marketing purposes. We receive this information from sales intelligence software firms and publicly available resources, such as LinkedIn.

  • Marketing Activities – We collect personal information from individuals when we attend events, conferences, and other business meetings. This includes business contact information such as name, email address, and phone number.

  • Browser and Device Information – We automatically collect information from users of our Services and Site visitors, including unique device identification numbers, operating system version, browser type, pages viewed, links clicked, IP address, date and time of Site visit, and the number of times you return to our Site.

We may aggregate and anonymize information received to produce reports on Site activity and statistics. We use Google AdWords to collect and analyze such information. For more information please see our Cookie Notice.

See the “Your Choices and Rights” section below for more information about how to limit CoralMountainData’s collection and use of personal information.

 
 

4. HOW WE USE PERSONAL INFORMATION

We use collected personal information to:

Communicate with you – We may contact you to respond to your inquiries, requests, and/or send important notices via email or our live chat service on our Site. This includes, for example, providing you with customer support or informing you about new features and updates to our Services.

Provide our Services – We use collected information to register, administer, and manage your account, verify your identity, and provide our Services to users. We may also use your information to diagnose and resolve issues with our Site or Services.

Market our Services – We use your collected information to market our Services, such as to send you email communications about our products and offerings. To learn more about how we collect information when you visit our Site, see our Cookie Notice.

Comply with the law – We use your information as needed to carry out appropriate compliance and/or security checks, such as when we need to enforce our contracts and agreements with our customers or comply with applicable law enforcement obligations.

 
 

5. HOW WE SHARE PERSONAL INFORMATION

We disclose your personal information only with selected recipients for specific purposes, including:

  • Service Providers and Other Third Parties – We use a limited number of third-party service providers to assist us in making our Services available to you. We share personal information with the following third parties, business partners, vendors, service providers, and suppliers, as well as consultants and Workforce Partners, who need access to your information to assist us with providing our Services. Coral Mountain does not share personal information with third parties for direct marketing purposes.
Service provider. Activities Location
Amazon Web Services Application AI inference USA
Anthrophic Application AI inference USA
Auth0 Identity management USA
BigQuery by Google Application data warehouse and analytics USA
Census Data Data warehouse connector USA
CloudAMQP Application queue USA
Cloudflare Application CDN USA
Datadog Devops software USA
DocuSign Electronic signature and contract solution USA
Elastic Application text search USA
Google Cloud Platform Cloud storage USA
Intercom Customer communication service USA
Jira Service Management by Atlassian Customer support and service queue management USA
LaunchDarkly Operations and service maintenance USA
Marketo Marketing email service USA
Microsoft Azure Application AI inference USA
OpenAI Application AI inference USA
Redis Application memory cache USA
Replicate Application AI inference USA
Salesforce Customer relationship management USA
Stripe Payment processing USA

Please note that before engaging a new service provider, we subject it to security and privacy compliance review and onboarding processes to ensure the safe and compliant processing of your personal data. Transfers of your personal data to Coral Mountain are protected in multiple ways, including through the obligations in the Standard Contractual Clauses that we include in our Data Protection Agreements with third-party vendors and customers, and supplementary measures implemented to protect Customer Personal Data outlined in our Data Transfer Impact Assessment, and our self-certification with the Department of Commerce’s EU-U.S. Data Privacy Framework (DPF). Please see the “Supplemental Notice for EEA, UK, and Switzerland Residents” section below and our Data Transfer Impact Assessment for further details regarding the safe transfer of your personal data.

Third-Party Responsibilities – Each third party that we share personal information with is responsible for maintaining its own privacy notice and practices related to the use and protection of personal information. Coral Mountain requires third-party service providers acting on our behalf or with whom we share personal information to also provide appropriate security measures under industry standards. We will always ensure that any third parties with whom we share personal information are subject to privacy and security obligations consistent with this Notice and applicable laws.

Legal, Regulatory, and Compliance Purposes – We may share your information as required by law, such as responding to lawful requests by public authorities, including to meet national security or law enforcement requirements, investigate fraud, comply with a subpoena, bankruptcy proceedings, or similar legal process.

Sale, Merger, or Acquisition – In the event we sell or transfer all or a portion of our business or assets, we will use reasonable efforts to direct the transferee to use your personal information in a manner that is consistent with the terms in this Notice.

 
 

6. HOW WE PROTECT INFORMATION

We use reasonable and appropriate physical, technical, and administrative safeguards to prevent unauthorized use, access, loss, misuse, alteration, or destruction of your personal information. We periodically review our policies and procedures to ensure they are effectively upholding our commitment to protecting your personal information. We also require third-party service providers, who may act on our behalf or with whom we share your information, to also demonstrate appropriate security measures in line with industry standards.

Notwithstanding our security safeguards, it is impossible to guarantee absolute security in all situations. If you have any questions about the security of our Services, please contact us at privacy@coralmountaindata.com.

 
 

7. DATA STORAGE AND RETENTION

Coral Mountain uses Vietnam-based data hosting service providers to store the data we collect from individuals and employ appropriate technical measures to secure this data. We maintain strict privacy and security compliance practices to ensure that your personal information is protected from unauthorized access and against unlawful processing. Please visit our Privacy & Security Program page for more information on our specific controls to safeguard your information.

 
 

8. YOUR CHOICES AND RIGHTS

Where appropriate or legally required, we will describe how we use your personal information, so you can make choices about how your data is used. You can notify us of your preferences during the information collection process and change your selection at any time by contacting us directly.

  • Marketing emails – You can choose to stop receiving marketing emails by following the unsubscribe instructions included in these emails, or by contacting us at privacy@coralmountaindata.com. 

 

Accessing, Correcting, and Updating Your Information

You may have certain rights in connection with the personal information we obtain about you. To update your preferences, correct your information, limit the communications you receive from us, or submit a request to exercise your data rights, contact us as specified in the “Contact Us” section below.

As required by applicable law, including provisions in the General Data Protection Regulation (“GDPR”) and other privacy laws and regulations, you may have the right to:

  • Request access to certain personal information we maintain about you;

  • Request that we update, correct, amend personal information where it is inaccurate or incomplete;

  • Request to erase, restrict use, or object to processing of certain personal information; and

  • Exercise your right to data portability to request a copy of your data.

In some circumstances, you can withdraw consent you previously provided to us or object to the processing of your personal information, and we will apply your preferences moving forward.

 
 

Exercising Your Rights

If you wish to exercise any of these rights above, please visit our website (www.coralmountaindata.com) and submit a request using our online support function or contact us as specified in the “Contact Us” section below. To help protect your privacy and maintain security, we take steps to verify your identity before granting you access to your information. We may also decline your access request, but if we do, we will provide an explanation for our decision.

Please note that your request and choices may be limited in certain cases: for example, if fulfilling your request would reveal information about another individual or you ask to delete information that we are permitted by law to retain.

If you have unresolved concerns, you may have the right to complain to a data protection authority or supervisory authority in the country where you live, where you work, or where you feel your rights were infringed. If you have any questions, contact us as specified in the “Contact Us” section below.

 
 

9. COOKIES AND TRACKING TECHNOLOGIES

We use cookies and other similar technologies to collect information about your browsing activities when you navigate through our Site. Cookies help make interactions with our Site easier and faster for you. We also use cookies to analyze trends, administer our Services, and track activity and interactions with our Site. For more information about how we use cookies and to learn how to manage cookies, please see our Cookie Notice.

We do not respond to web browser “Do-Not-Track” signals. We do not serve targeted advertisements in our Services at this time.

 
 

10. SUPPLEMENTAL NOTICE FOR EEA, UK, AND SWITZERLAND RESIDENTS

 
 

LEGAL BASES FOR PROCESSING FOR EEA USERS

If you are an individual from the European Economic Area (“EEA”), we collect and process your personal information only where we have legal basis for doing so under applicable EU laws. The legal basis depends on the Services you use and how you use them. This means we collect and use your personal information only:

  • To fulfill our contractual obligations to you;

  • To operate our business, including to improve and develop our services, for fraud prevention purposes, improve user experience, or other legitimate interest; and/or

  • As otherwise in compliance with law.

For questions on the legal basis for processing, please refer to the “Your Choices and Rights” section or contact us at the address listed in the “Contact Us” section.

 
 

International Data Transfers

To provide our best-in-class Services, including technical support, we may disclose your personal information to countries outside of your data residence. Specifically, we may transfer the personal information you provide to the United States and other countries where our affiliates, business partners, and service providers are located.

Coral Mountain Data ensures the protection of your personal information in accordance with this Notice and applicable data protection laws. When sharing the personal information of customers in the European Economic Area, the UK, or Switzerland, we ensure protection through the following mechanisms:

  • Incorporating both the European Commission-approved Standard Contractual Clauses (SCCs) and the UK-approved International Data Transfer Addendum into Data Protection Agreements (DPAs) with us.
  • Implementing SCCs with our third-party service providers, guaranteeing equal or greater data protection under applicable laws;
  • Applying supplementary measures to protect personal data as outlined in our Data Transfer Impact Assessment; and
  • Upholding certification to the U.S. Department of Commerce’s EU-U.S. Data Privacy Framework (DPF). For more details, please refer to the “Data Privacy Framework Certification” section below;
  • Utilizing other appropriate legal mechanisms to safeguard data transfers.

For questions or concerns about international data transfers, please contact us at privacy@coralmountaindata.com.

 
 

Data Privacy Framework Certification

Coral Mountain Data has self-certified its commitment to comply with the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) as established by the U.S. Department of Commerce, and relies on the following frameworks for the processing of personal data transfers in unique data residencies:

  • The EU-U.S DPF for personal data transfers from the European Union and European Economic Area;
  • The UK Extension to the EU-U.S. DPF for personal data transfers from the United Kingdom and Gibraltar; and
  • The Swiss-U.S. DPF for personal data transfers from Switzerland.

Collectively known as “DPF Principles,” these principles govern our data privacy practices. In cases of any conflicts between the terms in this privacy policy and the EU-U.S. DPF Principles, UK Extension, and/or the Swiss-U.S. DPF Principles, the DPF Principles shall prevail. To learn more about the Data Privacy Framework (DPF) program and to view our certification please visit https://www.dataprivacyframework.gov/.

In compliance with the Data Privacy Framework, Coral Mountain Data commits to addressing and resolving complaints regarding the collection and use of your personal information with respect to the Data Privacy Framework Principles. EU, UK and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the Data Privacy Framework should first contact Coral Mountain Dataat privacy@coralmountaindata.com with the subject “Data Privacy Framework.”

Coral Mountain Data also commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF in the context of the employment relationship.

If you have an unresolved DPF complaint that you believe we have not satisfactorily addressed, we are also committed to refer the complaint to JAMS Data Privacy Dispute Resolution Program. This program is an independent dispute resolution provider located in the U.S. and is made available to you free of charge. For more information or to submit a complaint, please visit https://www.jamsadr.com/eu-us-data-privacy-framework.

Under certain conditions, more fully described on the Data Privacy Framework website, you may be entitled to invoke binding arbitration when other dispute resolution options do not satisfactorily resolve your concerns.
Please note that Coral Mountain, ltd. is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).

 
 

Onward Transfers

If Coral Mountain Data transfers information onward to a third-party service provider acting as Coral Mountain Data’s our agent, Coral Mountain Data continues to remain liable under the DPF Principles if the agent processes the information in a manner inconsistent with the DPF’s Principles, unless Coral Mountain Data is not responsible for the event giving rise to the damage.

 
 

Complaints

Your concerns are important to us and the avenues for addressing them are readily available. If you have concerns or wish to file a complaint, you have the option to address a data protection authority in your country or region. This applies to the place where you habitually reside, your workplace, or if you believe there has been an alleged breach of applicable data protection law. A comprehensive list of EEA data protection authorities is available. You can also contact the UK Information Commissioner’s Office.

 
 

11. SUPPLEMENTAL DISCLOSURE FOR UNITED STATES RESIDENTS

This section provides additional details about the personal information we collect about individuals and the rights afforded to them under various applicable U.S. state data protection and privacy laws, including:

  • The California Consumer Privacy Act (CCPA);
  • The Colorado Privacy Act (CPA);
  • The Connecticut Data Privacy Act (CTDPA); and
  • The Virginia Consumer Data Protection Act (VCDPA).

The personal information that we have collected and disclosed for a business purpose (including to our service providers) in the past 12 months fall into the following categories, specifically established under the CCPA:

  • Identifiers/Contact information, like your real name, postal address, unique personal identifier, online identifier, internet protocol address, and email address;
  • Information under Cal. Civ. Code §1798.80(e), such as your name, address, telephone number, or any financial information;
  • Commercial information, such as information related to products or services you have purchased;
  • Internet or other electronic network activity information, such as information regarding your interaction with Coral Mountain Products;
  • Geolocation data; such as approximate location data based on your IP address;
  • Audio, electronic, visual, or similar information, such as audio recordings of calls with you;
  • Inferences drawn on the information above, such as aggregated metrics; and
  • For more information about the categories of personal information we collect, please see the “Personal Information We Collect” section above.
 
 

Additional Privacy Rights for California Residents

  • Non-Discrimination — California residents have the right not to receive discriminatory treatment by us for the exercise of their rights conferred by the CCPA.
  • Authorized Agent — Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. To designate an authorized agent, please contact us as set forth below.
  • Verification — To protect your privacy, we will take steps to verify your identity before fulfilling your request. When you make a request, we will ask you to provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include asking you to log in to your account or verify your email address.

If you are a California resident and would like to exercise any of your rights under the CCPA, please contact us as specified in the “Contact Us” section below. We will process such requests following applicable laws. As defined by the CCPA, CoralMountainData does not sell personal information of California residents, nor do we have knowledge of any sale of personal information of minors under 16 years of age.

 
 

Additional Privacy Rights for Nevada Residents

If you are a resident of Nevada, you have the right to opt out of the sale of certain Personal Information to third parties who intend to license or sell that Personal Information. You can exercise your right by contacting us as specified in the “Contact Us” section below with the subject line “Nevada Do Not Sell Request,” and providing us with your name and the email address associated with your CoralMountainData account. As defined by Nevada Revised Statutes Chapter 603A, CoralMountainData does not sell personal information of Nevada residents.

 
 

12. THE CHILDREN’S ONLINE PRIVACY PROTECTION ACT (“COPPA”)

Our Services are not directed to children under the age of 13, and we do not knowingly collect information from children under the age of 13. CoralMountainData Services are not intended for persons under the age of 13. If you learn that a child under the age of 13 has provided us with personal information contrary to these rules, please contact us as specified in the “Contact Us” section below.

 
 

13. THIRD-PARTY SERVICES, APPLICATIONS, AND WEBSITE

Certain third-party services, websites, or applications you use or navigate to and from our Services may have separate user terms and privacy policies that are independent of this Notice. This includes, for example, websites owned and operated by our customers or partners. We are not responsible for the privacy practices of these third-party services or applications. We recommend carefully reviewing the user terms and privacy statement of each third-party service, website, and/or application prior to use.

 
 

14. CHANGES TO THIS NOTICE

We periodically update this Privacy Notice to describe new features, products, or services, and how those changes affect our use of your information. If we make material changes to this Privacy Notice, we will provide notification through our services and/or notify you directly.

 
 

15. CONTACT US

If you have questions or complaints about this Notice or about our information handling practices, please contact us at privacy@coralmountaindata.com or write to us at: 

Attn: Coral Mountain, ltd.
04 Hoa Tra, Meyhome Capital.
Phu Quoc, 92500

We will investigate and attempt to resolve any such complaint or dispute regarding the use or disclosure of your personal information.